AMA ANNOUNCES ENHANCED ELECTRONIC PRESCRIBING LEARNING CENTER

Earlier this year, the American Medical Association (“AMA”) established a new online learning center to provide physicians with the information and tools that they need to make well-informed decisions about electronic prescribing (“ePrescribing”).  Now, the AMA has introduced additional enhanced tools for ePrescribing. 

The learning center offers many tools and resources to help physicians, including calculators to estimate time savings and eligibility for incentive payments as well as planning devices to help assess practice readiness for and ease implementation of new technologies.  Examples of some of the new tools include:

• A system finder tool that picks three systems for a user based on the user’s response to a brief survey
• Side-by-side comparisons of up to three sPrescribing vendors at one time
• The ability to view vendor feedback and ratings from other users, and the ability to provide one’s own feedback
• Automated capability to contact a vendor when a decision is reached

The site and its resources can be accessed by physicians and others at http://www.ama-assn.org/ama/pub/eprescribing/home.shtml.

© 2009 Parsonage Vandenack Williams LLC

  For more information, contact info@pvwlaw.com

CMS ANNOUNCES IT WILL DISCONTINUE PHASE II OF ELECTRONIC HEALTH RECORDS DEMONSTRATION

 

On April 7, 2009 CMS announced that, as a result of the incentive provisions for physicians to encourage the adoption of health information technology in the American Recovery and Reinvestment Act of 2009 (“ARRA”), CMS will change its plans for implementing the electronic health records (“HER”) Demonstration.  CMS will continue implementation of Phase I of the EHR Demonstration program on schedule.  CMS will continue working with Phase I community partners and practices, including local kick off meetings for more than 400 selected practices in May, 2009. The demonstration will begin as planned on June 1, 2009 and continue through May 21, 2014. However, CMS has decided to discontinue Phase II of the EHR demonstration, which originally was planned to begin operations in mid-2010.  

 

 

The EHR demonstration initiative aims to reward delivery of high-quality care supported by the adoption and use of electronic health records in physician practices. This initiative expands upon the foundation created by the Medicare Care Management Performance (“MCMP”) Demonstration. The goal of the demonstration is to foster the implementation and adoption of EHRs and health information technology (“HIT”) more broadly as effective vehicles to improve the quality of care provided and to transform the way medicine is practiced and delivered.    As part of the EHR demonstration, all participating primary care physician practices will be required to have a Certification Commission for Healthcare Information Technology (“CCHIT”)-certified EHR by the end of the second year. (CCHIT is the recognized certification authority for EHRs and their networks.)  Physician practices must, as part of the demonstration, utilize the EHR to perform specific minimum core functionalities that can positively impact patient care processes, (e.g., clinical documentation, ordering of lab tests, recording lab tests, and recording of prescriptions).  The core incentive payment is based on performance on the quality measures, with an enhanced bonus based on the degree of HIT functionality used to manage care.    On June 10, 2008 CMS announced its selection of 12 community partners in defined sites to help CMS implement the EHR demonstration. The approved community partners in each site represent diverse groups of organizations including varied HIT stakeholder collaborations, medical societies, primary care professional organizations and health departments. Phase I includes the following 4 sites: Louisiana, Southwest Pennsylvania, South Dakota (and some counties in bordering states), and Maryland and the District of Columbia. Recruitment of physician practices in the four Phase I sites was initiated on September 2, 2008, and the enrollment period closed on November 26, 2008. Over 800 eligible applications were received from interested practices in the four Phase I sites.      © 2009 Parsonage Vandenack Williams LLC   For more information, contact info@pvwlaw.com

New Behavioral Health “Network of Care” Web Site Launched by Department of Health and Human Services

The Nebraska Department of Health and Human Services (“DHHS”) has launched a new, easy-to-use Web site offering a comprehensive, Internet-based community resource for people with mental illness, their caregivers and service providers. The Network of Care Web for Behavioral Health Web site can be accessed at www.dhhs.ne.gov/networkofcare/.

 

 

“The Network of Care site is a big step forward in helping people find services and connect and share their stories,” said Scot Adams, director of the Division of Behavioral Health. “This one-stop information tool lets you access vital information about treatment resources and diagnoses, insurance, and advocacy and find other pertinent behavioral health Web sites. Consumers can also choose to communicate directly with others and to organize and store personal health records.”

 

 

Benefits of this Network of Care Web site include:

 

• Helping people find the right services at the right time. Click anywhere on the Nebraska map on the home page to get a comprehensive Service Directory of providers, organized by Behavioral Health Region.

• Giving consumers the option to use the secure Personal Health Record section to organize and store medical and healthcare-related information.

• Having communication tools such as message boards and community calendars to help people connect with each other or share information.

• Facilitating providers who want to share challenges and ideas or use the private message boards. Providers can even build their own free Web sites.

• Accessing the easy-to-search libraries; information about specific behavioral health disorders, pending legislation and advocacy; and daily news articles and the latest research about mental health and substance abuse issues from around the world.

• Having a site that is fully ADA-compliant and that offers a text-only version.

 

 

© 2009 Parsonage Vandenack Williams LLC

For more information, contact info@pvwlaw.com

 

Provider Information: Steps to Take to Prevent Incidents of Medical Identity Theft

          Health care providers need to implement approaches to detect, prevent and respond to medical identity theft incidents.  No single solution applies to all providers because of each provider’s unique size, overhead and available resources.  Therefore, providers should implement a variety of techniques, including patient authentication, training and awareness, and risk assessment.

          Providers should especially be awate of medical identity theft concerns because they could increase as the industry moves toward electronic health records and a national health information network.  If networks do not have adequate privacy and security protections, huge volumes of health information could be improperly accessed and used for medical identity theft, as well as other purposes.

          In many cases, providers have not yet considered the unique characteristics of medical identity theft as a part of their overall risk assessment.  It is important for providers to evaulate whether there are any gaps in their policies and procedures that might lead to medical identity theft.  The best time for this evaluation is during routine risk assessments.

         Although entities covered under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) are required to implement a security awareness and training program for their workforce, medical identity theft is raraly addressed as a separate, individual risk.  Requiring patient authentication – in the form of picture identification as well as a health insurance card – is one way to combat medical identity theft.

        In addition to using education and training to prevent incidents of medical identity theft, providers should consider conducting training following an incident to ensure that employees and contractors have responded appropriately.  This allows staff to debrief , identiry and apply lessons learned, and to continuously improve the quality of privacy and security process and procedures.  It will also help providers respond and mitigate any threats as well as learn steps that can be implemented in the future to prevent similar incidents from occurring.

 Guide to Medical Privacy and HIPAA.  Health Care Series.  December 2008, vol. 7, no. 11.

                

© 2008 Parsonage Vandenack Williams LLC

 For more information, contact info@pvwlaw.com

                                                                                                                                                     

 

                                                                                                                                                                 

Physician Communications Via Email

If a physician (or physician’s office) is going to email patients, due consideration should be given to HIPAA implications as well as medical malpractice issues. Whenever drafting an email, consider what the email could look like posted as evidence in a courtroom. Adopt a policy concerning email communications and stick with the policy.

Consider the following:

Encrypt email for secured communications.

Save emails to your medical record. You do not want to be in a position ever where a patient can produce an email from you but you don’t have a copy of it.

Include a confidentiality notice on all email.

Include the minimum necessary information in an email.

Never write emails when you are tired or angry. Save your email as a draft. Review once more before sending.

Do not copy others on emails to patients unless it is to your office administrator who is responsible for diligently saving the email.

Do not use email as a replacement for office visits.

Require patients to agree to the use of email for communications. Provide the patient a policy specifying what email can be used for.

 © 2008 Parsonage Vandenack Williams LLC  

 For more information, contact info@pvwlaw.com

Portable Devices Pose Challenges to Protecting Patient Privacy

Covered entities (“CEs”) need to be aware that their wireless networks and portable devices such as iPhones and BlackBerrys are not necessarily secure.

Almost twelve people have been charged with various counts of computer intrusion, fraud and identity theft, among other charges, for participating in a crime ring that allegedly hacked into nine major retailers’ wireless computer networks.  The feds believe that the conspirators stole credit and debit card numbers through “wardriving,” which involves one person who drives a car around while another person in the car attempts to gain access to a wireless network through a laptop computer.

CEs could be targeted in similar schemes and should make sure that their wireless networks are properly encrypted.  CEs should have already converted from using the Wired Equivalent Privacy (“WEP”) system of encryption to the more secure Wi-Fi Protected Access (“WPA”) protocol.  WEP encryption was more common until about a year ago, when researchers discovered weaknesses in it.

Additionally, CEs should remind staff members to use portable devices with care. There are two main risks: (1) if a doctor is in a public place and is using an unsecured network to transmit PHI [i.e., protected health information], then people could intercept that traffic if it is not encrypted or if it is encrypted with a weaker method; and (2) piggybacking on a signal to get into a laptop.  The second risk is much more difficult to accomplish, but it can be done so that perpetrators can look at the traffic coming from the device.

Use of portable devices like laptops and iPhones falls under HIPAA’s workstation use and security policies.  Therefore, CEs should remind staff members about where they can or cannot use these devices.  An airport is a particularly risky place to use such devices because anyone can log in for wireless access with a credit card and can intercept information.  Also, employees should use the locking features of the devices so that no one can open them without a password.  Finally, CEs should go over what kind of information is acceptable to transmit.  This will help to ensure that patient information is protected and HIPAA compliance is maintained at all times.

Health Business Daily, Sept. 17, 2008.

 

© 2008 Parsonage Vandenack Williams LLC

 

For more information, contact info@pvwlaw.com

Joint Commission Makes Accreditation Manuals Electronically Available

The Joint Commission Resources has announced that it will now provide its accreditation manuals in electronic form.  The electronic manuals are a web-based tool for understanding the Joint Commission’s accreditation requirements.  The tool allows users to retrieve accreditation standards, to search text and to locate specific elements of performance that are needed by the facility.  The Commission’s consulting and education subsidiary, the Joint Commission Resources, released the new electronic manuals as part of the organization’s Standards Improvement Initiative.

 

            Manuals for the hospital, critical-access hospital, ambulatory, office-based surgery and home care programs offer filtering tools which focus on the standards relevant to those organizations and a history tracking tool to monitor changes to the standards.  There will be filtering and history tools for the behavioral healthcare, laboratory and long-term-care programs available in the 2010 electronic manuals.

 

            To access the electronic manuals, go to http://www.jcrinc.com/Accreditation-Manuals/.

 

 

Jean DerGurhian.  “Join Commission Resources Moves Manuals Online.” Modernhealthcare.com, Dec. 3, 2008.

 

 

© 2008 Parsonage Vandenack Williams LLC

 

For more information, contact info@pvwlaw.com

New Email Drug Alerts for Physicians

The new Health Care Notification Network (“HCNN”) has started sending drug alerts to physicians via email, replacing traditional mail delivery of urgent drug warning and recall letters.  The network’s first alert centered on a widely manufactured and commonly used class of antibiotics and was sent immediately via the HCNN to health care providers.  The HCNN is a free service offered to all licensed U.S. physicians and their staff is used solely for FDA-mandated Patient Safety Alerts.  It is not used for advertising or marketing. Physicians and health care providers can register to receive electronic alerts at www.hcnn.net or through participating medical societies and other HCNN partners.

Health Care Notification Network, October 28, 2008.

    

© 2008 Parsonage Vandenack Williams LLC

 

 

For more information, contact info@pvwlaw.com

“How-To” Guide for E-Prescribing Released

            On October 7, 2008, a coalition of health care stakeholders released a “how-to” guide to help providers make informed decisions regarding how and when to transition from paper to electronic prescribing systems.  The guide is called A Clinician’s Guide to Electronic Prescribing.  It was issued by eHealth Initiative (“eHI”) in cooperation with the American Medical Association, the American Academy of Family Physicians, the American College of Physicians, the Medical Group Management Association, and the Center for Improving Medication Management.

 

Electronic prescribing is an efficient way to improve health care delivery, decrease medication errors, and prevent potentially dangerous drug interactions.  But the transition from a paper system to an electronic system can be difficult.  The newly-released guide is intended to eliminate some of the confusion about e-prescribing and help physicians begin to realize some of the benefits that e-prescribing can bring to both their patients and their practices.

 

The first part of the guide targets office-based clinicians who are new to the idea of e-prescribing and are looking for a basic understanding of e-prescribing – what it is, how it works, what the benefits and weaknesses are, and the current environment impacting its widespread adoption.  The second part targets those office-based clinicians who are ready to use e-prescribing as a part of their practices.

 

To view the guide, click here.

 

 © 2008 Parsonage Vandenack Williams LLC  

 

For more information, contact info@pvwlaw.com

 

Compliance Risks Escalate with the Use of Electronic Medical Records Systems

Health care providers truly appreciate electronic medical record (“EMR”) templates because they make documentation faster and easier.  However, abuses such a cloning and “exploding” notes are putting reimbursement and compliance at risk.  If too much information is replicated from one EMR to the next, there is very little to distinguish patient encounters, which undermines physician attempts to establish medical necessity — the foundation of Medicare reimbursement — and might implicate quality of care.

Although Centers for Medicare & Medicaid Services (“CMS”) has not adopted a position on templates, the agency has noted that they are supposed to encourage physician documentation, and not do most of the work.  The problems with templates have become a hot issue because EMR systems are becoming more popular.  Moreover, physicians are constantly working to comply with Medicare’s 1995 or 1997 evaluation and management documentation guidelines.  However, experts warn that prepopulated templates and cloning may be too easy to help.  Cloning may work for certain elements of the history, but it should not be used for the history of present illnesses, the exam, or the medical decision-making portion.

Medicare carriers do not like the use of so-called “default documentation” because they really cannot tell what kind of work is performed in each encounter if the records are so similar.  Also, payers want the documentation to support medical necessity, but it is difficult for physicians to document medical necessity because it is a cognitive process.  Carrying forth documentation that is not relevant to what the physician did, through the use of cloning or prepopulated templates, is not eligible to receive payment because it is not medically necessary.  The government is becoming increasingly aware of this because EMR is becoming so widely used.

Specific Medicare concerns include the possibility that defaulted documentation may cause a provider to overlook significant new findings, as well as the possibility that the provider’s computerized documentation program defaults to a more extensive history and physical examination than is medically necessary to perform on a given day, and does not specifically set forth new findings and changes in a patient’s condition.

In some instances, prepopulated templates and cloned records hardly appear to describe the patient at all.  When a patient goes to see a doctor and the EMR for the visit is cut and pasted from the previous medical encounter, all vital signs, history and physical, and review of systems are carried over from the patient with the intention of updating it. 

It is important for physicians to take the time to customize medical records to the greatest extent possible, even in a template system, in order to make it clear to auditors that they are not carbon-copy records.  This will allow physicians to benefit from the efficiency of EMR, but also to maintain full compliance with Medicare’s standards.  Document the patient’s primary complaint, which should carry through to the physical exam and the history, and that should support decision making and medical necessity.[1]

[1] Report on Medicare Compliance, May 28,2007.

 © 2008 Parsonage Vandenack Williams LLC  

 

For more information, contact info@pvwlaw.com